{"course":{"productid":32692,"modality":1,"active":true,"language":"en","title":"FortiAnalyzer Analyst","productcode":"FAZ-ANS","vendorcode":"FO","vendorname":"Fortinet","fullproductcode":"FO-FAZ-ANS","courseware":{"has_ekit":false,"has_printkit":true,"language":""},"url":"https:\/\/portal.flane.ch\/course\/fortinet-faz-ans","objective":"<p>After completing this course, you should be able to:\n<\/p>\n<ul>\n<li>Describe SOC objectives, responsibilities, and roles<\/li><li>Describe the role of FortiAnalyzer in a SOC<\/li><li>Describe FortiAnalyzer Security Fabric integration<\/li><li>Describe how logging works in a Security Fabric<\/li><li>Describe FortiAnalyzer Fabric deployments<\/li><li>Describe FortiAnalyzer operating modes<\/li><li>Describe how FortiAnalyzer parses and normalizes logs<\/li><li>Validate log parsers<\/li><li>Search logs using normalized fields<\/li><li>View and search for logs in the log view<\/li><li>Create saved filters and dashboards<\/li><li>View summary data in FortiView<\/li><li>View dashboards and widget features<\/li><li>Configure event handlers<\/li><li>Manage events<\/li><li>Configure indicators<\/li><li>Create incidents<\/li><li>Analyze incidents<\/li><li>Configure incident settings<\/li><li>Describe FortiAI operations and use cases<\/li><li>Describe threat hunting<\/li><li>Use the log count chart<\/li><li>Use the SIEM log analytics table<\/li><li>Describe outbreak alerts<\/li><li>Collect log volume statistics<\/li><li>Configure an automation stitch<\/li><li>Configure an event handler with an automation stitch enabled<\/li><li>Run and fine-tune predefined reports<\/li><li>Customize reports with macros, custom charts, and datasets<\/li><li>Configure external storage for reports<\/li><li>Group reports<\/li><li>Import and export reports and charts<\/li><li>Attach reports to incidents<\/li><li>Manage and troubleshoot reports<\/li><li>Create new playbooks<\/li><li>Use variables in tasks<\/li><li>Monitor playbooks<\/li><li>Export and import playbooks<\/li><\/ul>","essentials":"<p>You must have an understanding of the topics covered in the following courses, or have equivalent experience:\n<\/p>\n<ul>\n<li>FortiGate Operator<\/li><li><span class=\"cms-link-marked\"><a class=\"fl-href-prod\" href=\"\/swisscom\/en\/course\/fortinet-anlzr-admn\"><svg role=\"img\" aria-hidden=\"true\" focusable=\"false\" data-nosnippet class=\"cms-linkmark\"><use xlink:href=\"\/css\/img\/icnset-linkmarks.svg#linkmark\"><\/use><\/svg>FortiAnalyzer Administrator <span class=\"fl-prod-pcode\">(ANLZR-ADMN)<\/span><\/a><\/span><\/li><\/ul><p>It is also recommended that you have knowledge of the following topic:\n<\/p>\n<ul>\n<li>SQL SELECT statement syntax<\/li><\/ul>","audience":"<p>Security professionals responsible for Fortinet Security Fabric analytics and automating tasks to detect and respond to cyberattacks using FortiAnalyzer should attend this course.<\/p>","outline":"<ul>\n<li>SOC Concepts and Security Fabric<\/li><li>Log Data Flow and Navigation<\/li><li>Events, Indicators, and Incidents<\/li><li>FortiAI, Threat Hunting, and Troubleshooting<\/li><li>Reports<\/li><li>Playbooks<\/li><\/ul>","summary":"<p>In this course, you will gain the practical skills of a SOC analyst using FortiAnalyzer for centralized logging and analytics. You will learn how to examine and manage events, and automate threat response using event handlers and playbooks. You will also learn how to identify current and potential threats through incident analysis and outbreak reports. Finally, you will learn how to incorporate FortiAI in your workflow and generate security reports.<\/p>\n<p><small>This exam is part of the FCP Security Operations certification track.<\/small><\/p>","objective_plain":"After completing this course, you should be able to:\n\n\n\n- Describe SOC objectives, responsibilities, and roles\n- Describe the role of FortiAnalyzer in a SOC\n- Describe FortiAnalyzer Security Fabric integration\n- Describe how logging works in a Security Fabric\n- Describe FortiAnalyzer Fabric deployments\n- Describe FortiAnalyzer operating modes\n- Describe how FortiAnalyzer parses and normalizes logs\n- Validate log parsers\n- Search logs using normalized fields\n- View and search for logs in the log view\n- Create saved filters and dashboards\n- View summary data in FortiView\n- View dashboards and widget features\n- Configure event handlers\n- Manage events\n- Configure indicators\n- Create incidents\n- Analyze incidents\n- Configure incident settings\n- Describe FortiAI operations and use cases\n- Describe threat hunting\n- Use the log count chart\n- Use the SIEM log analytics table\n- Describe outbreak alerts\n- Collect log volume statistics\n- Configure an automation stitch\n- Configure an event handler with an automation stitch enabled\n- Run and fine-tune predefined reports\n- Customize reports with macros, custom charts, and datasets\n- Configure external storage for reports\n- Group reports\n- Import and export reports and charts\n- Attach reports to incidents\n- Manage and troubleshoot reports\n- Create new playbooks\n- Use variables in tasks\n- Monitor playbooks\n- Export and import playbooks","essentials_plain":"You must have an understanding of the topics covered in the following courses, or have equivalent experience:\n\n\n\n- FortiGate Operator\n- FortiAnalyzer Administrator (ANLZR-ADMN)\nIt is also recommended that you have knowledge of the following topic:\n\n\n\n- SQL SELECT statement syntax","audience_plain":"Security professionals responsible for Fortinet Security Fabric analytics and automating tasks to detect and respond to cyberattacks using FortiAnalyzer should attend this course.","outline_plain":"- SOC Concepts and Security Fabric\n- Log Data Flow and Navigation\n- Events, Indicators, and Incidents\n- FortiAI, Threat Hunting, and Troubleshooting\n- Reports\n- Playbooks","summary_plain":"In this course, you will gain the practical skills of a SOC analyst using FortiAnalyzer for centralized logging and analytics. You will learn how to examine and manage events, and automate threat response using event handlers and playbooks. You will also learn how to identify current and potential threats through incident analysis and outbreak reports. Finally, you will learn how to incorporate FortiAI in your workflow and generate security reports.\n\nThis exam is part of the FCP Security Operations certification track.","skill_level":"Intermediate","version":"7.6","duration":{"unit":"d","value":1,"formatted":"1 day"},"pricelist":{"List Price":{"US":{"country":"US","currency":"USD","taxrate":null,"price":950},"AT":{"country":"AT","currency":"EUR","taxrate":20,"price":950},"DE":{"country":"DE","currency":"EUR","taxrate":19,"price":950},"IT":{"country":"IT","currency":"EUR","taxrate":20,"price":950},"PL":{"country":"PL","currency":"EUR","taxrate":23,"price":950},"FR":{"country":"FR","currency":"EUR","taxrate":19.6,"price":1490},"NL":{"country":"NL","currency":"EUR","taxrate":21,"price":950},"CH":{"country":"CH","currency":"CHF","taxrate":8.1,"price":1000}}},"lastchanged":"2026-04-02T00:29:09+02:00","parenturl":"https:\/\/portal.flane.ch\/swisscom\/en\/json-courses","nexturl_course_schedule":"https:\/\/portal.flane.ch\/swisscom\/en\/json-course-schedule\/32692","source_lang":"en","source":"https:\/\/portal.flane.ch\/swisscom\/en\/json-course\/fortinet-faz-ans"}}